Failing to update Java software is the number one cause of privacy and security breaches online in New Zealand, according to cyber security company F-Secure.
The company says across Australia and New Zealand, nearly half of all malware occur in older versions of Java or unpatched software.
Mikko Hypponen, F-Secure’s chief research officer, says the first step in preventing cyberthreats can be as simple as updating old software, a process that computer users often skip, whether because of lack of awareness or time.
The company has identified the 10 most prevalent malware families in New Zealand, with Majava, a collection of maliciouis files that exploit known vulnerabilities in the Java Runtime Environment, topping the list. F-Secure says in New Zealand there were 358 Majava infections found per 10,000 people in 2014.
The Angler EK exploit, which takes advantage of vulnerabilities in Internet Explorer, Java, Flash and Silverlight is eighth in the top 10 with CVE-2013-2551, a collection of files exploiting a vulnerability in Internet Explorer, sitting at 10.
The list also includes the Zeroaccess botnet (2) followed by the Auotrun and Brontok worms, the Chinky and Kilim Trojans and Sality virus. The Rimecud worm takes ninth place.
Hypponen says globally, F-Secure has also seen a ‘concerning’ rise in malware growth on the Android platform, from about 100 new families of mobile malware per quarter in 2013, to about 300 per quarter in 2014.
He says protecting your privacy online is critical, not only for individuals, but for businesses storing sensitive customer and employee information and other commercially valuable data.
In New Zealand, the government estimates the cost of cybercrime to be in the hundreds of millions of dollars.
Simple measures for protection:
F-Secure offers these five measures to prevent cybercrime and protect sensitive online information:
Ensure Java and other software is up to date
The latest research from F-Secure found the top ranked infection to be due to outdated software. The research found most users know to update their operating systems and browsers, however, are not updating plug-ins, such as Java and Adobe Flash plug-ins in browsers, putting privacy at serious risk.
Ensuring security passwords do not include information such as any family names, birthdays and addresses, as well as regularly updating passwords, is considered best practice for online privacy. For even better security, F-Secure recommends using a password manager application.
Be smart about USB ports and portable devices
F-Secure’s research showed USBs and removable drives as common vectors for spreading malware. Simple precautionary measures such as not sharing portable devices between computers and running regular anti-virus software scans can help mitigate these risks.
Download and update online security software
One of the most important ways to protect your privacy online is to ensure all mobile and PC devices are fitted with adequate and up-to-date security software, F-Secure says.
Do not open suspicious emails or social media posts
F-Secure’s research found hackers are using new techniques when it comes to encouraging users to click on phishing links. As well as old techniques of sending malicious software via email through phishing links and attachments, hackers are now embedding malicious vectors through camouflaged links into users’ social media news feeds.